10

15

20

25

30

## SYSTEM AND METHOD FOR TRUE RANDOM NUMBER GENERATION

The present invention relates to a method for providing a true random number generator. More particularly, the present invention relates to a system and method for providing an entirely digital and/or digitally synthesizable true random number generator for incorporation on integrated circuits (IC) using any standard logic synthesis tool or comparable technique.

Random number generation is employed in a variety of applications, including for example, computer security, cryptography, audio systems testing, bit error testing and secure communications. Current efforts in the area of random number generation typically require an analog oscillator to obtain frequency variance, or metastable flip flops to provide an unpredictable pattern, or analog circuitry to filter and amplify thermal noise, or some combination of each. Accordingly, it is desirable to provide a system and/or method for designing true random number generators (TRNGs) that do not require any of the aforementioned analog components and/or metastable configurations. It is also desirable for the system and/or method to facilitate the synthesis of TRNGs for incorporation on an IC using any standard technique.

It is an object of the present invention to provide a system and method for generating a true random number. The system and method comprise providing at least a counter, a shifter, a first oscillator for cooperating with the counter, a second oscillator for cooperating with the shifter, and a microprocessor for cooperating with each of the aforesaid components.

The system and method of the present invention provides for the generation of a random number without the use of analog clocks or metastable configurations because the generating clocks of the present invention are digitally controlled ring oscillators designed with frequency perturbation based on digital (high or low) input signals thereby allowing random frequencies to be generated from truly digital signals. Accordingly, random numbers can be generated using simple counters and shifters. TRNGs designed using the system and method of the present invention can be synthesized for incorporation on an IC using any standard logic synthesis tool or comparable technique. These and other objects and advantages of the present invention are achieved by the system and method of the present invention.

10

15

20

25

30

The present invention is more fully understood by reference to the following detailed description of an illustrative embodiment in combination with the drawings identified below.

Fig. 1 is a block diagram of a system in accordance with an illustrative embodiment of the present invention;

Fig. 2 is a block diagram of another illustrative embodiment of the present invention;

Fig. 3 is a schematic diagram of a true random number generating circuit in accordance with an illustrative embodiment of the present invention; and

Fig. 4 is a flow chart of one method for providing a true random number in accordance with the present invention.

Conventional systems for generating random numbers employ oscillators, such as ring oscillators to generate random numbers. Ring oscillators typically have an odd number of gates that are connected in series to form a ring, and in some cases a gate of such ring oscillators may have as an input a combination of outputs of other gates in the ring. Ring oscillators can be sampled at a certain point to provide a random or a pseudo random number.

Although conventional TRNGs can provide random numbers and/or pseudo random numbers, it is realized by those in the art that many of these TRNGs can be periodic in nature and consequently generate numbers that are less random than desirable. Further, as it is desirable to efficiently incorporate TRNGs on a chip or an IC so as to not require special components on the chip or IC to generate random numbers, a system that is relatively compact and that dissipates relatively small amounts of power is desirable.

The system and method of the present invention will be described hereafter in terms of certain illustrative embodiments. However, it will be recognizable to one of ordinary skill in the art that the system and method can effectively operate using other substitutable components and/or other comparable configurations.

Referring to the drawings and, in particular Fig. 1, there is shown a block diagram of a system for true random number generation in accordance with an illustrative embodiment of the present invention generally represented by reference numeral 10. Preferably, system 10 can accommodate at least a 2 Mbits/sec (62,500 numbers per second) rate while providing unpredictable/non-deterministic number generation, and can optionally operate with or without a seed value. System 10 is preferably biased against long runs of digital 0's and

10

15

20

25

30



digital 1's. System 10 preferably can also have a sleep mode to reduce required power requirements.

System 10 has at least one counter 20 for generating bits, at least one shifter 30 for scrambling bits, at least one first oscillator 40 for cooperating with said at least one counter 20, at least one second oscillator 50 for cooperating with said at least one shifter 30, and a microprocessor 60 for cooperating with each of the aforesaid components to provide a frequency perturbation based on digital input signals. Counter 20 preferably has an initialization register for receiving an initialization bit value 5, the bit value preferably being inserted at a trailing edge of an initialization write of microprocessor 60. Counter 20 is preferably a 32-bit up counter. However, counter 20 can also be 16-bit up counter and a 16-bit down counter, and/or any other comparable type of counter suitable for accomplishing the above-identified objects of the present invention. If the 16-bit counters are used, the outputs thereof may be interleaved into shifter 30. Shifter 30 preferably being a barrel shifter, and more particularly a 32-bit barrel shifter. Shifter 30 can be any other comparable type of shifter suitable for accomplishing the above-identified objects of the present invention. First and second oscillators 40 and 50 are preferably ring oscillators each having a differing odd number of stages, first oscillator 40 preferably being a 5-stage oscillator and second oscillator 50 preferably being a 7-stage oscillator. It is noted however, that first and second oscillators 40 and 50, respectively, can also be any other comparable type of oscillator sufficient to accomplish the above-identified objects of the present invention. First and second oscillators 40 and 50 can preferably be constructed from a combination of inverters, AND gates, NAND gates, NOR gates, XOR gates, and/or any other similar type components. Refer generally to Fig. 3 for one illustrative embodiment of system 10 employing an illustrative combination of components in accordance with the present invention.

Referring to Fig. 2, system 10 can preferably include a whitening filter and/or a linear feedback shift register ("LFSR") 70 between shifter 30 and microprocessor 60. This arrangement preferably facilitates using a counter value to modify an output of shifter 30. Preferably, LFSR 70 can have any number of stages appropriate for accomplishing the above-identified objectives of the present invention. System 10 can also include a one-hot shift selector 80 between second oscillator 50 and shifter 30.

10

15

20

25

To illustrate how system 10 operates, refer to Fig. 4, which is a flow chart of one method for providing a true random number in accordance with an illustrative embodiment of the present invention generally represented by reference numeral 100. Method 100 comprising at least the steps of 110, 120, 130 and 140. Step 110 is to utilize at least one counters 20 to generate bits. Preferably, counter 20 is initialized by a write from microprocessor 60 to an initialization register of the counter, the microprocessor having some rate or frequency. Preferably, counter 20 is clocked by first oscillator 40 at a rate or frequency that is preferably chip dependent on the physical characteristics of the components used to form the first oscillator and asynchronous to that of the microprocessor. Step 120 is to utilize at least one shifter 30 to scramble bits. Preferably, shifter 30 cooperates with counter 20, shifter 30 being continuously spun by second oscillator 50 at a rate or frequency asynchronous to that of counter 20 and microprocessor 60. Preferably, the shifter rate or frequency is faster than that of the microprocessor. Step 130 is to utilize oscillators 40 and 50 to simultaneously cooperate with counter 20 and shifter 30, respectively. Step 140 is to cross couple asynchronous frequency control bits for oscillators 40 and 50 from counter 20 and shifter 30. Accordingly, it is preferable that when microprocessor 60 reads a random number having a certain number of bits, such as for example 32 bits, shifter 30 will preferably inputs a current counter 20 value and shift it by a current shift count (e.g. 0 to 31). Preferably, as the frequencies of each of components (i.e., the counter, the shifter and the microprocessor) are asynchronous to each other, a nonpredictable pattern of bit numbers is returned to the microprocessor.

The present invention having been thus described with particular reference to the preferred forms thereof, it will be obvious that various changes and modifications may be made therein without departing from the spirit and scope of the present invention as defined herein.